# Filters added to this controller apply to all controllers in the application.
# Likewise, all the methods added will be available for all controllers.

class ApplicationController < ActionController::Base
  include AuthenticatedSystem
  
  helper :all # include all helpers, all the time

  # See ActionController::RequestForgeryProtection for details
  # Uncomment the :secret if you're not using the cookie session store
  protect_from_forgery :secret => '30716368ccbfa74f74ffb27f357ea5a3'
  
  def correct_agency?
    logged_in? && current_user.can_edit_agency_by_id(params[:agency_id])
  end
  
  def correct_agency_required
    correct_agency? || agency_denied
  end
  
  def agency_denied
    respond_to do |format|
      format.html do
        store_location
        flash[:notice] = "You are not allowed to access that agency"
        redirect_to home_url
      end
      format.any do
        request_http_basic_authentication 'Web Password'
      end
    end
  end
end
